Qualys Cloud Platform 8.21.6 (VM/PC) API Notification 2

A new release of Qualys Cloud Platform 8.21.6 includes an updated API which is targeted for release in November 2019. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.

What’s New

New Oracle HTTP Server Authentication API

/api/2.0/fo/auth/

/api/2.0/fo/auth/oracle_http_server/

Oracle HTTP Server authentication is now supported for compliance scans on Unix and Windows. The new Oracle HTTP Server Authentication API (api/2.0/fo/auth/oracle_http_server/) lets you list, create, update and delete Oracle HTTP Server authentication records. User permissions for this API are the same as other authentication record APIs. Note that the API supports authentication record creation only for Oracle Server installed on respective OS - Unix or Windows.

Support for File Content Check on Windows

/api/2.0/fo/compliance/posture/info/?action=list

/api/2.0/fo/compliance/control/?action=list

/api/2.0/fo/compliance/policy/?action=export

With this release, you can now configure a File Content Check control to check the contents of a Windows file. Tell us which file you want to evaluate and what you're looking for. We'll return all lines in the file that match. You can specify your file location using any of the path types: Registry Key, File Search, File Path

Support for HashiCorp vault in Database Authentication records /api/2.0/fo/auth/HashiCorp Vault is now supported for the following database authentication records: MySQL, MariaDB, Sybase, PostgreSQL, MongoDB. You can create, update, list, and view authentication credentials from a HashiCorp vault.

Updates to Input Parameters for Cloud Perimeter Scan Jobs

/api/2.0/fo/scan/cloud/

It’s now possible to launch a cloud perimeter scan job without specifying the platform, region code, vpc id or asset tags. Multiple input parameters changed from Required to Optional to provide this flexibility. Note - There are no changes to the XML output or DTD.

Sybase Authentication is Now Supported in VM

/api/2.0/fo/auth/sybase/

/api/2.0/fo/subscription/option_profile/

Sybase authentication was already supported for PC and now it’s also supported in VM for vulnerability scanning. Each Sybase record identifies account login credentials, database information and target host IPs for authenticating to Sybase Adaptive Server Enterprise (ASE) instances. How you create and manage Sybase records is the same as previously documented for PC. You can find all the details in the Qualys API (VM/PC) User Guide.

We made updates to the VM option profile API to allow users to enable Sybase authentication for vulnerability scans. You’ll also see Sybase in the XML output when you list/export option profiles with Sybase enabled. Note that there are no DTD changes.